Nmap Development mailing list archives

nmap mac osx 10.6.1 Network scans only return results for local host

From: David Radunsky <DRadunsky () intldata com>
Date: Mon, 9 Nov 2009 20:30:49 -0500

Good Day,

Thanks in advance for your assistance.  nmap is an invaluable tool!

After upgrading to Snow Leopard all scans return only information  
about my machine.  Session information follows.  Wireshark seems to be  
working, but I don't have a lot of traffic on my small net to test.   
The nmap scan leaves off the firewall at 242.1, and a printer at 242.4.

I have tried reinstalling using the mpkg for V5.

I have been searching the net and the insecure archives and haven't  
found anything helpful.  Any help would be appreciated.

rendel:~ dlr$ sudo nmap -T4 -A -v -PE -PA21,23,80,3389 192.168.242.0/24

Starting Nmap 5.00 ( http://nmap.org ) at 2009-11-09 20:18 EST
NSE: Loaded 30 scripts for scanning.
Initiating ARP Ping Scan at 20:18
Scanning 220 hosts [1 port/host]
Completed ARP Ping Scan at 20:18, 4.46s elapsed (220 total hosts)
Initiating Parallel DNS resolution of 1 host. at 20:18
Completed Parallel DNS resolution of 1 host. at 20:18, 0.02s elapsed
Initiating ARP Ping Scan at 20:18
Scanning 35 hosts [1 port/host]
Completed ARP Ping Scan at 20:18, 0.82s elapsed (35 total hosts)
Initiating SYN Stealth Scan at 20:18
Scanning 192.168.242.220 [1000 ports]
Discovered open port 5900/tcp on 192.168.242.220
Discovered open port 445/tcp on 192.168.242.220
Discovered open port 139/tcp on 192.168.242.220
Discovered open port 88/tcp on 192.168.242.220
Discovered open port 3300/tcp on 192.168.242.220
Discovered open port 548/tcp on 192.168.242.220
Discovered open port 6000/tcp on 192.168.242.220
Completed SYN Stealth Scan at 20:18, 7.97s elapsed (1000 total ports)
Initiating Service scan at 20:18
Scanning 7 services on 192.168.242.220
Completed Service scan at 20:20, 106.03s elapsed (7 services on 1 host)
Initiating OS detection (try #1) against 192.168.242.220
NSE: Script scanning 192.168.242.220.
NSE: Starting runlevel 1 scan
Initiating NSE at 20:20
Completed NSE at 20:20, 0.04s elapsed
NSE: Starting runlevel 2 scan
Initiating NSE at 20:20
Completed NSE at 20:20, 0.02s elapsed
NSE: Script Scanning completed.
Host 192.168.242.220 is up (0.00011s latency).
Interesting ports on 192.168.242.220:
Not shown: 956 closed ports, 37 filtered ports
PORT     STATE SERVICE      VERSION
88/tcp   open  kerberos-sec Mac OS X kerberos-sec
139/tcp  open  netbios-ssn  Samba smbd 3.X (workgroup: WORKGROUP)
445/tcp  open  netbios-ssn  Samba smbd 3.X (workgroup: WORKGROUP)
548/tcp  open  afp?
3300/tcp open  unknown
5900/tcp open  vnc          Apple remote desktop vnc
6000/tcp open  X11          (access denied)
1 service unrecognized despite returning data. If you know the service/ 
version, please submit the following fingerprint at http://www.insecure.org/cgi-bin/servicefp-submit.cgi 
  :
SF-Port548-TCP:V=5.00%I=7%D=11/9%Time=4AF8BF6B%P=i386-apple- 
darwin9.7.0%r(
SF:SSLSessionReq,17B,"\x01\x03\0\0Q\xec\xff\xff\0\0\x01k\0\0\0\0\0\x1a 
\0\(
SF:\0E\0\0\x8f\xfb\x07grendel\0z\0\x8a\0\xf0\x01b 
\rMacBookPro3,1\x04\x06AF
SF:P3\.3\x06AFP3\.2\x06AFP3\. 
1\x06AFPX03\x05\tDHCAST128\x04DHX2\x06Recon1\
SF:rClient\x20Krb\x20v2\x0fNo\x20User\x20Authent 
\0\0\0\0\0\0\x10\0\x80\0\0
SF:\x1bc\x9fF\xb9\x07\x08\x02\xc0\xa8\xf2\xdc\x02\$\x08\x02\n 
\xd37\x02\x02
SF:\$\x08\x02\n%\x81\x02\x02\$\x14\x07\xfe\x80\0\0\0\0\0\0\x02\x1bc\xff 
\xf
SF:e\x9fF\xb9\x02\$\x14\x07\xfe\x80\0\0\0\0\0\0\x02\x1cB\xff\xfe 
\0\0\x08\x
SF:02\$\x14\x07\xfe\x80\0\0\0\0\0\0\x02\x1cB\xff\xfe\0\0\t\x02\$ 
\x11\x0419
SF:2\.168\.242\.220\x01oafpserver/LKDC:SHA1\. 
2C5EA9D1B40B10FC06EA6B02DFD40
SF:DEDEA608E0F@LKDC:SHA1\.2C5EA9D1B40B10FC06EA6B02DFD40DEDEA608E0F 
\0\0\x07
SF:grendel")%r(SSLv23SessionReq,17B,"\x01\x03\0\x80Q\xec\xff\xff 
\0\0\x01k\
SF:0\0\0\0\0\x1a\0\(\0E\0\0\x8f\xfb\x07grendel\0z\0\x8a\0\xf0\x01b 
\rMacBoo
SF:kPro3,1\x04\x06AFP3\.3\x06AFP3\.2\x06AFP3\. 
1\x06AFPX03\x05\tDHCAST128\x
SF:04DHX2\x06Recon1\rClient\x20Krb\x20v2\x0fNo\x20User\x20Authent 
\0\0\0\0\
SF:0\0\x10\0\x80\0\0\x1bc\x9fF\xb9\x07\x08\x02\xc0\xa8\xf2\xdc\x02\$ 
\x08\x
SF:02\n\xd37\x02\x02\$\x08\x02\n%\x81\x02\x02\$\x14\x07\xfe 
\x80\0\0\0\0\0\
SF:0\x02\x1bc\xff\xfe\x9fF\xb9\x02\$\x14\x07\xfe 
\x80\0\0\0\0\0\0\x02\x1cB\
SF:xff\xfe\0\0\x08\x02\$\x14\x07\xfe\x80\0\0\0\0\0\0\x02\x1cB\xff\xfe 
\0\0\
SF:t\x02\$\x11\x04192\.168\.242\.220\x01oafpserver/LKDC:SHA1\. 
2C5EA9D1B40B
SF:10FC06EA6B02DFD40DEDEA608E0F@LKDC:SHA1\. 
2C5EA9D1B40B10FC06EA6B02DFD40DE
SF:DEA608E0F\0\0\x07grendel")%r(WMSRequest,17B,"\x01\x03\0NQ\xec\xff 
\xff\0
SF:\0\x01k\0\0\0\0\0\x1a\0\(\0E\0\0\x8f\xfb\x07grendel\0z\0\x8a 
\0\xf0\x01b
SF:\rMacBookPro3,1\x04\x06AFP3\.3\x06AFP3\.2\x06AFP3\. 
1\x06AFPX03\x05\tDHC
SF:AST128\x04DHX2\x06Recon1\rClient\x20Krb\x20v2\x0fNo\x20User 
\x20Authent\
SF:0\0\0\0\0\0\x10\0\x80\0\0\x1bc\x9fF\xb9\x07\x08\x02\xc0\xa8\xf2\xdc 
\x02
SF:\$\x08\x02\n\xd37\x02\x02\$\x08\x02\n%\x81\x02\x02\$\x14\x07\xfe 
\x80\0\
SF:0\0\0\0\0\x02\x1bc\xff\xfe\x9fF\xb9\x02\$\x14\x07\xfe 
\x80\0\0\0\0\0\0\x
SF:02\x1cB\xff\xfe\0\0\x08\x02\$\x14\x07\xfe\x80\0\0\0\0\0\0\x02\x1cB 
\xff\
SF:xfe\0\0\t\x02\$\x11\x04192\.168\.242\.220\x01oafpserver/LKDC:SHA1\. 
2C5E
SF:A9D1B40B10FC06EA6B02DFD40DEDEA608E0F@LKDC:SHA1\. 
2C5EA9D1B40B10FC06EA6B0
SF:2DFD40DEDEA608E0F\0\0\x07grendel");
Device type: general purpose
Running: Apple Mac OS X 10.5.X
OS details: Apple Mac OS X 10.5 - 10.5.6 (Leopard) (Darwin 9.0.0 -  
9.6.0)
Uptime guess: 58.464 days (since Sat Sep 12 10:12:03 2009)
Network Distance: 0 hops
TCP Sequence Prediction: Difficulty=252 (Good luck!)
IP ID Sequence Generation: Randomized
Service Info: OSs: Mac OS X, Unix

Host script results:
|  nbstat: NetBIOS name: GRENDEL, NetBIOS user: <unknown>, NetBIOS  
MAC: <unknown>
|  Name: GRENDEL<03>          Flags: <unique><active>
|  Name: GRENDEL<20>          Flags: <unique><active>
|  Name: GRENDEL<00>          Flags: <unique><active>
|  Name: \x01\x02__MSBROWSE__\x02<01>  Flags: <group><active>
|  Name: WORKGROUP<1d>        Flags: <unique><active>
|  Name: WORKGROUP<1e>        Flags: <group><active>
|_ Name: WORKGROUP<00>        Flags: <group><active>
|  smb-os-discovery: Unix
|  LAN Manager: Samba 3.0.28a-apple
|  Name: WORKGROUP\Unknown
|_ System time: 2009-11-09 20:20:17 UTC-5

Read data files from: /usr/local/share/nmap
OS and Service detection performed. Please report any incorrect  
results at http://nmap.org/submit/ .
Nmap done: 256 IP addresses (1 host up) scanned in 121.62 seconds
            Raw packets sent: 2121 (93.162KB) | Rcvd: 2600 (111.452KB)



--

David Radunsky
Advanced System Consultant
International Data Consultants

13302 SW 128 St
Miami, FL 33186

c 786 261-9593
o 305 253-7677
f  305 253-7657

Attachment: ATT00001.txt
Description: ATT00001.txt

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/

Current thread:

nmap mac osx 10.6.1 Network scans only return results for local host David Radunsky (Nov 09)
- Re: nmap mac osx 10.6.1 Network scans only return results for local host Tom Sellers (Nov 09)
- Fwd: nmap mac osx 10.6.1 Network scans only return results for local host David Radunsky (Nov 09)
  - Re: Fwd: nmap mac osx 10.6.1 Network scans only return results for local host David Fifield (Nov 09)